Test kitchen setup to test detection of audit-cookbook

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
This commit is contained in:
Clinton Wolfe 2020-05-25 20:58:51 -04:00
parent 43a5fd7945
commit d5be4c2927
4 changed files with 48 additions and 2 deletions

View file

@ -13,6 +13,7 @@ verifier:
lifecycle: lifecycle:
# This pre_create hook, along with the install_inspec cookbook, ensures that # This pre_create hook, along with the install_inspec cookbook, ensures that
# the VM has a version of InSpec that matches that built from source. # the VM has a version of InSpec that matches that built from source.
# Note that audit cookbook will ignore this.
pre_create: pre_create:
- local: cd inspec-bin && gem build inspec-core-bin.gemspec --output ../test/kitchen/cookbooks/install_inspec/files/inspec-core-bin.gem - local: cd inspec-bin && gem build inspec-core-bin.gemspec --output ../test/kitchen/cookbooks/install_inspec/files/inspec-core-bin.gem
- local: gem build inspec-core.gemspec --output test/kitchen/cookbooks/install_inspec/files/inspec-core.gem - local: gem build inspec-core.gemspec --output test/kitchen/cookbooks/install_inspec/files/inspec-core.gem
@ -27,3 +28,22 @@ suites:
- name: run-context-tk - name: run-context-tk
run_list: run_list:
- recipe[install_inspec] - recipe[install_inspec]
# This test suite uses a pair of profiles to check the Telemetry Run Context
# detection system under audit cookbook.
- name: run-context-after-audit
run_list:
- recipe[install_inspec]
- recipe[audit]
attributes:
audit:
profiles:
# This actually runs during converge time, and performs the stack
# probe that we care about. It writes a JSON copy of the stack that
# it saw to /tmp/audit_stack.json . run-context-after-audit examines
# that JSON file and runs it through the context probe to see what it gets.
run-context-during-audit:
# This should work but doesn't :-(
# path: <%= Dir.pwd %>/test/integration/run-context-during-audit/
url: https://github.com/inspec/inspec-test-profile-run-context-audit/archive/v0.3.2.zip

View file

@ -4,8 +4,8 @@ module Inspec
# All stack values here are determined experimentally # All stack values here are determined experimentally
class RunContextProbe class RunContextProbe
def self.guess_run_context def self.guess_run_context(stack = nil)
stack = caller_locations stack ||= caller_locations
return "test-kitchen" if kitchen?(stack) return "test-kitchen" if kitchen?(stack)
return "cli" if run_by_thor?(stack) return "cli" if run_by_thor?(stack)
return "audit-cookbook" if audit_cookbook?(stack) return "audit-cookbook" if audit_cookbook?(stack)

View file

@ -0,0 +1,16 @@
# run-context-during-audit should have left a file with a JSON
# representation of the stack as experienced by the audit cookbook.
raw_data = JSON.parse(file("/tmp/audit_stack.json").content)
# These aren't really stack frames, so we do some duck typing
Frame = Struct.new(:absolute_path, :label)
reconstructed_stack = raw_data.map{ |f| Frame.new(f["absolute_path"], f["label"]) }
require "inspec/utils/telemetry/run_context_probe"
control "run-context" do
describe Inspec::Telemetry::RunContextProbe.guess_run_context(reconstructed_stack) do
it { should eq "audit-cookbook" }
end
end

View file

@ -0,0 +1,10 @@
name: run-context-after-audit
title: InSpec Profile
maintainer: InSpec Engineering
copyright: Chef Software, Inc.
copyright_email: inspec@chef.io
license: Apache-2.0
summary: An InSpec Compliance Profile to test inspec run context detection under audit-cookbook
version: 0.1.0
supports:
platform: os